steal from the rich, give to the random hacker
Here's a quick summary of what's been happening in the infosec world lately, beyond what we've already reported. Louisiana declares state of emergency over ransomware A massive ransomware infection spreading among Louisiana school districts has caused the governor to declare a state of emergency – a designation usually …
> The online investment site told some customers that some of their their passwords had been erroneously stored in plain text, rather than hashed
So how did those users manage to log in then?
Process flow: go to website -> enter password -> entered password is hashed -> hash is compared against stored hash -> should fail at that point if the password was stored as plain text. Sounds like there is a bit more to this than they are saying.
Biting the hand that feeds IT © 1998–2022